Added OPENID_PROVIDER_TRUSTED_ROOTS django setting. It should be a
list of glob matching patterns: ['*.cs50.net', '*.other.net']
Also did some minor refactoring and cleanup.
- provider placed behind separate feature flag
- domain of openid consumer displayed in login page
- added logging for successful login, changed log messages to include
"OpenID"
* Save errors for courses that failed to load in modulestore
* global staff can see course errors on their dashboard
* put policy loading errors into the error trackers
* add has_access(user, 'global', 'staff'), which is equiv to user.is_staff for now
* apply policy per-course, even if multiple courses share course and org fields
* keep descriptors separate in xml store, so that if two such courses
change the same module in different ways, it works. Such edits will need to
merged on CMS import...
* add get_instance(course_id, location) method to replace get_item(location).
Update all the call sites
* tests, including a 2nd toy course with same course and org.
* All access control logic is now in access.py
* It exports a single method for general use: has_access(user, object, action)
- possible actions depend on object type (e.g. 'see_exists', 'enroll', 'staff')
* Removed DARK_LAUNCH feature flag--it is now the default behavior
* Replaced check_course with three separate more focused functions that use has_access
Minor things:
* note on using pdb in testing
* moved time parsing helper into timeparse.py
* x_modules now have a .start attribute (None if not in metadata)
* if the course metadata have enrollment_start and/or enrollment_end,
only allow normal users to enroll post start and pre end.
* If DARK_LAUNCH is on, staff can enroll outside the window
1. Multiple save()s on the same model are now handled properly. We
had to unmark model objects after the appropriate signals had
fired.
2. There was a side-effect where we were saving the portal User
object to the course_db with the using kw param, but models
remember where they were last saved to, so a later save on that
model object would go to the wrong database.
